Hope this is allowed here, not sure where else it would fit. I’m not in cybersecurity.
Webhosting company in the UK/USA has a vulnerability, their shared webhosting servers are wide open, I can browse the entire server, edit scripts, download logs, backups etc.
I reported this first to their sales team, as it’s the only way of doing so without being a customer, they didn’t take me seriously at all, said it’s the customers issue (it’s not a VPS, they only have a resellers plan for 10 sites, there’s 100’s more than those 10 sites on there).
Do I leave it now for 30 days and disclose it publically?